LinkBack URL
About LinkBacks....and of course you have insurance to cover theft of the tapes and data and it it clearly written down that you are responsible for them during silent hours.Originally Posted by Gibbo
If you don't and you do it for free then you're a mug!
....and of course you have insurance to cover theft of the tapes and data and it it clearly written down that you are responsible for them during silent hours.
If you don't and you do it for free then you're a mug!
Ours go offsite, either with me or the network manager. As long as the tapes are encrypted, we don't see any issues with it.
Last edited by DrCheese; 4th February 2010 at 01:05 PM.
We have been told at our last two audits that backup tapes should not be taken offsite but placed in a fireproof safe onsite.
They did suggest if we really wanted them offsite then maybe partnering up with another local school and swapping tapes with them to be kept in each others fireproof safes.
That is exactly what we're thinking of doing. This can also get around the 'need' for a fireproof safe as two seperate schools are unlikely to suffer a massive fire at the same time unless the whole town burns to the ground.
Last edited by cookie_monster; 4th February 2010 at 01:37 PM.
Pretty much. It's honestly not that big a deal.Anyone whinging about it is more of a mug for making such a big deal about an issue which has been part of an IT managers life for decades.
If you can't encrypt or look after a simple tape, you really shouldn't be in any position of management.
No but would you really want to be the first
Are there any remote backup solutions? I was planning to buy Sonic Wall when the new budget comes in.
Still better than being a door mat and taken for granted eh! If you were any sort of manager you would point out the possible downfalls of taking data home, regardless of the format it is in. Being a manager is more than working extra hours without the extra pay.
If you are happy with the way you do things then good for you, but don't expect other people to follow your lead.
How about storing them at a local bank in a safe deposit box on the schools dime. Then at the very least you are only responsible for the transport to and from and the bank has probably already made sure that they can survive fire/flood/etc. I suppose this will not work if you are talking more then half a dozen or so Tapes.
I wouldn't even dream of taking ours home even if encrypted, way too much hassle. I won't even go down the road 2 miles to our data centre (other HQ building) and collect them from there and return them to our fireproof safe.
Don't like the idea of transporting the amount of data around we have, rather someone else have that headache.
So rather than address a need, you pass the buck?
Ok .. my take on this (and it is a general reply to both sides) is this.
1 - Backups should be encrypted and secure, even if kept on site. You may want to vary this if you do disk to disk to disk with using storage arrays in different buildings but this is because you are off-setting the encryption against the higher physical security (ie you make sure people do not have access to the room the remote storage arrays are in, never mind physically touching the devices themselves).
2 - As important as what you do is the policy behind it. You must have one ... it should be part of a disaster recovery plan ... or business continuity plan ... whichever angle your school has taken on it. You can pick up half decent back up strategies from a few places such as TechRepublic, Network Security Journal, BCS and not to mention the various whitepapers that come out from CA and others.
3 - If you are asked to do something reasonable by your employer then you need to have other options to suggest instead. Simply going on about "It's not my job" or "I'm not taking that risk" is pointless. You are in a position of responsibility and get paid for it. That responsibility is not about management, it is about your access and control to information and data. You are a SysAdmin. You have access to all and every piece of data (or sizable chunks) and as such you are a key person in a perfect position to pick up this section of control of data. If you want to do risk management on it then good, but it is risk management ... not buck passing. Deal with it professionally and you get dealt with professionally in return.
I've already asked before whether people would find a general backup strategy a good thing and asked folk to contribute ... and got very little response, but so thankful to those who have shared them so far. It has made me wonder how many people actually do have a backup policy / strategy, whether it is written down anywhere, whether it is signed off be senior managlement, whether it fits in with other strategies and policies in the school and whether it is reflected in the contracts for the IT staff.
Gibbo (8th February 2010)
There is nothing brave about taking backups home nor is it a question of responsibility or capability. It's the principle of taking home data without it being formally recognised as part of your responsibility. You have it written down that you are to take backups home, therefore you would be fully covered in the event an incident should occur where that data is lost. Unfortunately in this day and age of liability it would be a course of stupidity to take data home without that formal recognition you currently have.
I would be negligent in my duty if I were to ignore the possible flaws in taking data home without investigating alternative solutions or ensuring that individuals were protected.
The suggestion of working with another school is probably the most sensible one.
All you'd need then is a safe at both schools, encrypted media and you can drop them off once a week.
It isn't rocket science really.
No, it's not rocket science & yes NMs and techs should take some responsibility but, a limit has to be drawn on ACCOUNTABILITY
I do it and I'm not particularly happy doing it as I don't have the adequate storage for the policy drawn out. If one day some crackhead decides to steal the pretty yellow cartridge from my flat after sifting through my drawers and thinking because it's hidden it must be important... I want to know that I'm not going to get a savaging for it.
Some RBC's/LEA's offer remote backup solutions that can help cover many of the issues raised in this thread. Here is the solution offered here in Birmingham http://www.services.bgfl.org/myporta...eBackupNew.pdf
Last edited by eduabncs; 8th February 2010 at 01:05 PM.
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
